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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
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1 )^ Responsive to communication(s) filed on 10 June 2008 and 21 July 2008 and 20 Aug . 
2a )□ This action is FINAL. 2b)|3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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4) ^ Clalm(s) 1.4-24 and 26-33 is/are pending in the application. 

4a) Of the above claim(s) 20-24 and 26-33 is/are withdrawn from consideration. 

5) \Z\ Claim(s) is/are allowed. 

6) KI Claim(s) 1 and 4-19 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 12 September 2003 is/are: 8)0 accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
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application from the International Bureau (PCT Rule 17.2(a)). 
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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eUgible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicant's submission filed on 06/10/08 has been entered. 

Election/Restrictions 

Applicant's election of Group I, claims 1 and 4-19, in the reply filed on 08/20/08 is 
acknowledged. Because applicant did not distinctly and specifically point out the supposed 
errors in the restriction requirement, the election has been treated as an election without traverse 
(MPEP § 818.03(a)). 

Claims 20-24 and 26-33 are withdrawn from fiirther consideration pursuant to 37 CFR 
1.142(b) as being drawn to a nonelected invention, there being no allowable generic or linking 
claim. Election was made without traverse in the reply filed on 

Drawings 

The drawings are informal and are acceptable for examination purposes only. For 
example. Figs. 3 and 4 are informal. 
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Specification 

The disclosure is objected to because of the following informalities: 
On page 13 line 19, "remote device 720" should be changed to "remote device 710". 
On page 13 line 23, "remote device 700" should be changed to "remote device 710". 
Appropriate correction is required. 



Response to Arguments 

Applicant's arguments with respect to claim 1 have been considered but are moot in view 
of the new ground(s) of rejection. 
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Claim Rejections - 35 USC § 112 
The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claims 7-10 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Regarding claim 7, the phrase "such as" renders the claim indefinite because it is unclear 
whether the limitations following the phrase are part of the claimed invention. See MPEP 
§ 2173.05(d). This deficiency precludes an examination on the merits. It is noted that the claims 
have not been rejected on the basis of prior art since where there is a great deal of confusion and 
uncertainty as to the proper interpretation of the limitations of a claim, it would not be proper to 
reject such a claim on the basis of prior art. As stated in In re Steele, 305 F.2d 859, 134 USPQ 
292 (CCPA 1962), a rejection under 35 U.S.C. 103 should not be based on considerable 
speculation about the meaning of terms employed in a claim or assumptions that must be made 
as to the scope of the claims. 

Claim 8 depends fi-om claim 7 and incorporates the same deficiency. 

Claim 9 recites the limitation "and specifies..." in line 2. The limitation is indefinite 
since it is unclear what is doing the specifying. 

Claim 10 depends from claim 9 and incorporates the same deficiency. 
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Claim Rejections - 35 USC § 101 
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useftil process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

Claims 1 and 4-19 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Specifically, the claimed invention is directed to 
functional descriptive material: "data structure" representing descriptive material per se or 
computer programs representing computer listings per se. 

Data structures not claimed as embodied in computer-readable media are descriptive 
material per se and are not statutory because they are not capable of causing functional change in 
the computer. See, e.g., Warmerdam, 33 F.3d at 1361, 31 USPQ2d at 1760 (claim to a data 
structure per sc held nonstatutory). Such claimed data structures do not define any structural and 
functional interrelationships between the data structure and other claimed aspects of the 
invention which permit the data structure's functionality to be realized. In contrast, a claimed 
computer-readable medium encoded with a data structure defines structural and fimctional 
interrelationships between the data structure and the computer software and hardware 
components which permit the data structure's functionality to be realized, and is thus statutory. 

Similarly, computer programs claimed as computer listings per se, i.e., the descriptions or 
expressions of the programs, are not physical "things." They are neither computer components 
nor statutory processes, as they are not "acts" being performed. Such claimed computer 
programs do not define any structural and functional interrelationships between the computer 
program and other claimed elements of a computer which permit the computer program's 
functionality to be realized. In contrast, a claimed computer-readable medium encoded with a 
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computer program is a computer element which defines structural and functional 
interrelationships between the computer program and the rest of the computer which permit the 
computer program's functionality to be realized, and is thus statutory. See Lowry, 32 F.3d at 
1583-84, 32 USPQ2d at 1035. Accordingly, it is important to distinguish claims that define 
descriptive material per se from claims that define statutory inventions. 

Regarding claims 1 and 4-19, although the claims are directed to a "system", all of the 
elements (e.g., "components" of claim 1) could reasonably be interpreted by one of ordinary 
skill, in light of the disclosure (e.g. pg. 6 lines 15-24), to be software, such that the "system" is 
software, per se, not tangibly embodied on a physical storage medium. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the im ention i^, not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 4-6, and 9-19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Rammler US 2003/0105535 in view of Salowey US 7,370,350. 
Rammler discloses: 

1 . An automation security system, comprising: 

an asset component that defines an industrial automation device (e.g., [0185], [0327]); 

an access component that defines a security attribute associated with the industrial 
automation device (e.g., [0196], [0230], [0232]), the security attribute including a location 
attribute (e.g., [0196]: "Access can be controlled... based on a valid IP address") and a time 
attribut e that grants acc e ss to th e industrial automation d e vic e for a pr e d e t e rmin e d amount of 
time; and 

a security component that regulates access to the industrial automation device based upon 
the security attribute and includes an automated security assessment component (e.g., [0196]: 
"Access can be controlled. . .based on a vahd IP address"). 

4. The system of claim 1, the security component is based on at least one of 
automation and process control security (e.g., [0184]-[0185]), cryptography, and 
Authentication/ Authorization/Accounting (AAA) . 
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5. The system of claim 1, the asset component describes at least one of factory 
components and groupings, the factory components are at least one of sensors, actuators, 
controllers, I/O modules, communications modules, or human-machine interface (HMI) devices 
(e.g.. Figs. 5-8). 

6. The system of claim 5, the groupings include factory components that are grouped 
into at least one of machines, machines grouped into lines, or lines grouped into facilities (e.g., 
Figs. 5-8). 

9. The system of claim 1, further comprising a set of generic IT components and 
specifies parameters to assemble and configure the IT components to achieve flexible access to 
the industrial automation device (e.g.. Fig. 4, Fig. 6). 

10. The system of claim 9, the IT components include at least one of switches with 
virtual local area network (VLAN) capability, routers with access list capability, firewalls, 
virtual private network (VPN) termination devices, intrusion detection systems, AAA servers, 
configuration tools, or monitoring tools (e.g., Fig. 4, Fig. 6). 

11. The system of claim 1, fiirther comprising security parameters and policies that 
are developed for physical and electronic security for various component types (e.g., [0196], 
[0230], [0232]). 

12. The system of claim 1 1, the security parameters and policies further comprising at 
least one of security protection levels (e.g., [0196], [0230], [0232]), identification entry 
capabilities, integrity algorithms, or privacy algorithms. 
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13. The system of claim 1, the security component includes at least one of 
authentication software, virus detection, intrusion detection, authorization software (e.g., [0196], 
[0230], [0232]), attack detection, protocol checker, or encryption software. 

14. The system of claim 13, the security component at least one of acts as an 

intermediary between an access system and one or more automation components, or facilitates 
communications between the access system and the one or more automation components (e.g., 
Fig. 4, Fig. 6). 

15. The system of claim 1, the security attributes are specified as part of a network 

request to gain access to the at least one industrial automation device, the security attributes 
included in at least one of a group, set, subset, or class (e.g.. Fig. 4, Fig. 6, [0196], [0230], 
[0232]). 

16. The system of claim 15, the security component employs at least one 
authentication procedure and an authorization procedure to process the network request (e.g., 
[0196], [0230], [0232]). 

17. The system of claim 16, fiirther comprising one or more security protocols 
including at least one of Internet Protocol Security (IPSec), Kerberos, Diffie-Hellman exchange, 
Internet Key Exchange (IKE), digital certificate, pre-shared key, or encrypted password, to 
process the network request (e.g., [0060], [0187]). 

18. The system of claim 15, further comprising at least one of an access key or a 
security switch to control network access to a device or network (e.g.. Fig. 4, Fig. 6, [0060], 
[0187]). 
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19. The system of claim 18, the access key further comprises at least one of time, 
location, batch, process, program, calendar, or GPS (Global Positioning Information) to specify 
local and wireless network locations, to control access to the device or network (e.g., Fig. 4, Fig. 
6, [0060], [0187], [0196], [0230], [0232]). 

Rammler does not explicitly disclose a time attribute that grants access to the industrial 
automation device for a predetermined amount of time, as recited in claim 1 . 

Rantmiler does disclose a timeout feature (e.g., [0190]), but it does not appear to be in the 
context of granting access to a device for a predetermined amount of time. 

Salowey US 7,370,350 discloses a method and apparatus for re-authentication computing 
devices, comprising a time attribute that grants access to the industrial automation device for a 
predetermined amount of time (e.g., col. 7 lines 33-49). 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Rammler with Salowey since all the claimed elements were 
known in the prior art and one skilled in the art could have combined the elements as claimed by 
known methods with no change in their respective functions, and the combination would have 
yielded predictable results to one of ordinary skill in the art at the time of the invention. See 
KSR V. Teleflex, 127 S.Ct. 1727 (2007). 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to RYAN A. JARRETT whose telephone number is (571)272-3742. 
The examiner can normally be reached on 10:00-6:30 M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert Decady can be reached on (571) 272-3819. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published appHcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



10/19/08 



/Ryan A. Jarrett/ 

Primary Examiner, Art Unit 2121 



